SubmiN|KinG's KeygenMe #BEEF
| Download KeygenMe.zip, 169 kb (password: crackmes.de) Browse contents of KeygenMe.zip Simply a new keygenme for you guys, better this time!
Difficulty: 4 - Needs special knowledge | RatingWaiting for at least 3 votes View profile of SubmiN|KinG » |
Solutions
Solution by simonzack, published 21. sep, 2010; download (39 kb), password: crackmes.de or browse.
simonzack has not rated this crackme yet.
Discussion and comments
| Ox87k 05. Jun 2008 | Lovely keygenme but i HATE the obfuscations! Good job man! Now i need to understand something more about .net obfuscation! ;) (even if it can be well keygennable also with the obfuscated code) |
|---|---|
| Jim~ 06. Jun 2008 | The code isn't really obfuscated. Just the names of all the classes, methods, etc are changed to random symbols. Anyway, this looks like one hell of a complicated algo. Twists and turns everywhere! Looks like we'll have to bruteforce a hash. You say no patching, but would a self-bruteforce patch be acceptable? :X |
| TiGa 06. Jun 2008 | No self-bruteforcers will be accepted as solution. It is just like patching. |
| Jim~ 06. Jun 2008 | This is going to be hell, then :D |
| MACH4 06. Jun 2008 | hehe, I've been away for a while but this looks like a nice one to try... |
| HMX0101 06. Jun 2008 | Bruteforcing isn't the problem here (i've got the key), problem is identifying which public-key algo is used and i'm not talking about RSA ;) Good work, submin! You already do it possible :D |
| Ox87k 06. Jun 2008 | I think it's ElGamal.. builder.Append("<ElGamalKeyValue>"); Btw, if i'm right (and so it's ElGamal) the main problem is to find the X.. DLP solver are running on my pc until 1 hour and nothing good for now. Maybe i'm in the wrong direction.. |
| HMX0101 06. Jun 2008 | @Ox87k: i've guessed the same as you :) and i've runned DLP Solver 3 hours ago and still nothing :/ |
| SubmiN|KinG Author 07. Jun 2008 | @Kurapica: no cheating! let the kids play fear, and dont give them the pleasure of an un-obfuscated code :P @HMX0101 & 0x87k: good luck :P |
| Ox87k 07. Jun 2008 | Is it really solvable with a normal DLP solver like the one on www.alpertron.com.ar/DILOG.HTM or the Resolve DLP for Armadillo? |
| Kurapica 07. Jun 2008 | lol It's almost impossible to make a valid keygen by analyzing obfuscated code only in reflector :-{ because the algo is huge and distributed over many classes, so It's necessary to have a deobfuscated copy of the exe ! anyway even with the deobfuscated exe it's still a hard work and needs some time. if it was a real life target then I would go for a patch only :-} nice challenge anyway |
| SubmiN|KinG Author 07. Jun 2008 | @0x87k: i think you should consider using ResolveDLP, as 160bit is a bit big for DILOG :P @Kurapica: i didnt mean you couldnt use your own tools on it, just dont post it here - its cheating then for the others :P /SK |
| MACH4 07. Jun 2008 | I think any really interested parties had already deobfuscated anyway, but yes still will take some time to pull it back into code which is easier to understand fully! I would have rated this higher! |
| SubmiN|KinG Author 07. Jun 2008 | @MACH4: what rate would you have said it was? /SK |
| MACH4 07. Jun 2008 | Easier to judge that once I or someone else has solved it, from what I've seen so far, its clear that some real time and effort has gone into producing it, and maybe more time required to solve it, I would have thought a provisional difficulty 4. Anyway, Thanks for your crackmes, I believe they are in the top league of .NET crackmes currently available... |
| TiGa 07. Jun 2008 | It's hard to rate .NET crackmes. Most of those that appear very hard end up being solved by a simple copy/paste of the algo from Reflector. We'll see from the solutions. From the description, if it was a "normal" crackme, it could be rated 4 or possibly even 5 but the .NET factor makes a difference. Sounds like fun though. |
| Ox87k 07. Jun 2008 | Well, Kurapica i have already code the whole keygen, i miss only the DLP result for ElGamal part and i've done it all with obfuscated code in reflector. In the mine first post i said: "(even if it can be well keygennable also with the obfuscated code)" If you know well some crypto stuff then it's easy to understand how to defeat the algorithm but it takes a bit because of the 160bits DLP. @SK: Btw i agree with MACH4, level 4 or better 5 would be appropriate |
| HMX0101 08. Jun 2008 | Obfuscation is poor and algo is simple, only problem with this crap is which uses a 160bits DLP! =O Keygenning it using a win32 languague makes it easy! so, i rate it as 3 or 2.5! =D I think with a level 5 its overrated ;P Just my 2 cents :D |
| SubmiN|KinG Author 08. Jun 2008 | @ALL: Thanks for enjoying my challenge, i really hope someone will have a solution soon :=) /SK |
You may leave your comment, thoughts and discuss this crackme with other reversers here.
Acting childish will not be tolerated.
HTML and such will be left as-is, so don't try.